<?php
$ROOT_DIR_PATH = '../';
require_once($ROOT_DIR_PATH.'includes/includes.php');
require_once($ROOT_DIR_PATH.'classes/class.user.inc.php');
$ADMIN_PAGE_TITLE = 'Login to ' . $companyName . '&trade;';
$dashBoradUrl = $ADMIN_BASE_HREF . "dashboard.php";
if ($GENOBJ->isLoggedIn()) {
    $GENOBJ->redirect($dashBoradUrl);
}
$userName = '';
$password = '';
if ($_POST) {

    $GENOBJ->clearSessionErrorMessages();
    /* created the object of the class user */
    $userObj = new user();
    /* created the object of the class user permissions*/
    
    /* filtering the username and password to prevent sql injection */
    $filterArray = Array("TrimElement", "mysqlRealEscape");
    $filterElements['username'] = $_POST['username'];
    $filterElements['password'] = $_POST['password'];
    $filterElements = $GENOBJ->filter($filterElements, $filterArray);
    $userName = $filterElements['username'];
    $password = $filterElements['password'];
    if ($userName != '' && $password != '') {
        $user = $userObj->checkUserCredentials($userName, $password);
        if ($user) {
            /* Here the session is set */
			if ( $user['userid'] == '0' ) {
				$user['ROLE'] = 'ADMIN';
			} else {
				$user['ROLE'] = 'DEALER';
			}
            $GENOBJ->set_session($user);
            $GENOBJ->redirect($dashBoradUrl);
            exit;
        } else {
            $_SESSION['error']['wrongcredentials'] = 'Username or password incorrect';
        }
    } else if ($userName == '') {
        $_SESSION['error']['wrongcredentials'] = 'Username should not be blank';
    } else if ($password == '') {
        $_SESSION['error']['wrongcredentials'] = 'Password should not be blank';
    }
}
?>
	<?php include('templates/header.php');?>
     <body class="body-login">
          <div id ="login" class="login-all clear">
               <div class="info">
                    <h1>Information</h1>
                    <div class="centerLogin">
                         <p id="img">For the Admin console to work properly:</p>
                         <ol>
                              <li>Cookies must be enabled in your browser</li>
                              <li>Javascript must be enabled in your browser</li>
                              <li>Popup windows must be allowed for the following address:</li>
                         </ol><span>( <?php echo $companyName;?> )</span>

                    </div>
               </div>
               <div class="login">
                    <div class="top" id="topheader" >Login to <?php echo $companyName;?>&trade;</div>
                    <div id="centerLogin" class="formcontainer">
	                    <div class="error-container">
	                    <?php if (isset($_SESSION['error']['wrongcredentials']) && $_SESSION['error']['wrongcredentials'] != ''): ?>
	                    	<div class="erroLogin">
							<?php echo $_SESSION['error']['wrongcredentials'];?>
						</div>
	                    <?php endif ; ?>
	                    
	                    <?php if (isset($_SESSION['error']['forgetpassword-emailerror']) && $_SESSION['error']['forgetpassword-emailerror'] != ''): ?>
						<div class="erroLogin">
							<?php echo $_SESSION['error']['forgetpassword-emailerror'];?>
						</div>
	                    <?php endif ; ?>
	                    
	                    <?php if (isset($_SESSION['error']['forgetpasswordsend']) && $_SESSION['error']['forgetpasswordsend'] != ''): ?>
	               		<div class="succMessage">
							<?php echo $_SESSION['error']['forgetpasswordsend'];?>
						</div>
				     <?php endif ; ?>
				     </div>
                         <div id="loginForm"	<?php if (isset($_SESSION['error']['forgetpassword-emailerror'])) echo 'style="display:none;"';?>>
						<div class="lbfieldstext">
	                              <p class="lbuser">Email Address:</p>
	                              <p class="lbpass">Password:</p>
	                         </div>
	                         <div class="login-fields">
	                              <form method="post" action="login.php" id="loginfrm">
	                                   <p>
	                                        <input id="username" name="username" class="textclass" type="text" size="15" value="<?php echo $userName;?>" /><br />
	                                        <input id="password"  class="textclass" name="password" type="password" size="15" /><br />
									<input class="loginsubmit" name="loginsubmit" type="submit" value="Submit" />
	                                        <input class="loginsubmit" name="logincancel" type="reset" value="Cancel" />
	                                   </p>
	                              </form>
	                              <div class="forgot-pw">
	                                   <a id="forgetPasswordLink" href="#">Forgot your password?</a>
	                              </div>
	                         </div>
                         </div>
                         <div style="clear: both;"></div>
                         <div id="forgetPasswordForm" <?php if (!isset($_SESSION['error']['forgetpassword-emailerror'])) echo 'style="display:none;"';?> >
					    <div class="lbfieldstext">
	                              <p class="lbuser">Email Address:</p>
	                         </div>
	                         <div class="login-fields">
	                              <form method="post" action="forgotpassword.php" id="forgotpasswordfrm">
	                                   <p>
	                                        <input id="email"  class="textclass" name="email" type="text" size="15" /><br />
									<input class="loginsubmit" name="loginsubmit" type="submit" value="Submit" />
	                               
	                                   </p>
	                              </form>
	                              <div class="forgot-pw">
	                                   <a id="LoginLink" href="#">Login to <?php echo $companyName;?></a>
	                              </div>
	                         </div>
                         </div>
                    </div>
               </div>
          </div>
		<?php include('templates/footer.php');?>		
     </body>
</html>